Re: [Resolverless-dns] Paper on Resolver-less DNS

"Ralf Weber" <dns@fl1ger.de> Tue, 20 August 2019 08:10 UTC

Return-Path: <dns@fl1ger.de>
X-Original-To: resolverless-dns@ietfa.amsl.com
Delivered-To: resolverless-dns@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6844A120899 for <resolverless-dns@ietfa.amsl.com>; Tue, 20 Aug 2019 01:10:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fGMgxZ_LbgOq for <resolverless-dns@ietfa.amsl.com>; Tue, 20 Aug 2019 01:10:52 -0700 (PDT)
Received: from smtp.guxx.net (smtp.guxx.net [IPv6:2a01:4f8:a0:322c::25:42]) by ietfa.amsl.com (Postfix) with ESMTP id 45C7E120147 for <resolverless-dns@ietf.org>; Tue, 20 Aug 2019 01:10:51 -0700 (PDT)
Received: by nyx.guxx.net (Postfix, from userid 107) id 457455F42C72; Tue, 20 Aug 2019 10:10:50 +0200 (CEST)
Received: from [192.168.2.190] (p54B8ABDF.dip0.t-ipconnect.de [84.184.171.223]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by nyx.guxx.net (Postfix) with ESMTPSA id 5DD675F42A91; Tue, 20 Aug 2019 10:10:48 +0200 (CEST)
From: "Ralf Weber" <dns@fl1ger.de>
To: "Erik Sy" <sy@informatik.uni-hamburg.de>
Cc: resolverless-dns@ietf.org
Date: Tue, 20 Aug 2019 10:10:48 +0200
X-Mailer: MailMate (1.12.5r5635)
Message-ID: <DBB58F6A-A36C-4D71-A2A8-0A603AAA4076@fl1ger.de>
In-Reply-To: <f23e363b-1dda-5a79-5f7a-6a12b62ad67d@informatik.uni-hamburg.de>
References: <20190819203948.2BE688829F4@ary.qy> <f23e363b-1dda-5a79-5f7a-6a12b62ad67d@informatik.uni-hamburg.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/resolverless-dns/Xu1sgwaqN-rtz_75NzTFxy2QORw>
Subject: Re: [Resolverless-dns] Paper on Resolver-less DNS
X-BeenThere: resolverless-dns@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Resolverless DNS <resolverless-dns.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/resolverless-dns>, <mailto:resolverless-dns-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/resolverless-dns/>
List-Post: <mailto:resolverless-dns@ietf.org>
List-Help: <mailto:resolverless-dns-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/resolverless-dns>, <mailto:resolverless-dns-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Aug 2019 08:10:54 -0000

Moin!

On 19 Aug 2019, at 23:35, Erik Sy wrote:

> On 8/19/19 22:39, John Levine wrote:
>> In article 
>> <213a986b-479c-3d38-6ec3-cf53264474c2@informatik.uni-hamburg.de>; you 
>> write:
>>> Nonetheless, there exists empirical evidence that several popular 
>>> ISPs
>>> and Telcos sold data on their customers' online activities to
>>> advertising companies [1,2,3]. Thus, it is plausible that these ISPs 
>>> and
>>> Telcos use their DNS resolver to aggregate such user profiles.
>> Actually, no, it's not plausible.  The mechanisms described in these
>> papers are nothing like DNS queries.  If they could get enough data
>> from DNS queries, why would they bother rewriting HTTP headers?
> They do not use the HTTP header for data collection. Instead, they use
> the injected HTTP header to  communicate the tracking identifier 
> between
> the ISP and the advertising company as shown in this figure:
> https://jonathanmayer.org/stable/blog_images/verizon_header/verizon_header.png
But again it has nothing to do with DNS or selling DNS data. I’ve 
worked with
lots of ISP/Telcos around the globe and most of them were very aware of 
the
privacy aspect of DNS data and treated it with great care.

So long
-Ralf
---
Ralf Weber